High-Tech Santé Médecine Droit-Finances

Auto-Entrepreneur

Comment faire ?

Rechercher : dans
Par :

Supprimer Total security version 4.52?

Dernière réponse le 2 oct 2009 à 05:10:26 Smallfairy, le 23 aoû 2009 à 16:53:51 
 Signaler ce message aux modérateurs

Bonjour,
Le logiciel total sécurity version 4.52 c'est installé seul sur mon ordi et me fait des analyse a longeur de temps me disant que je suis infesté de virus.
Comment m'en débarassé
Aidez moi s'il vous plais car sa commence a beaucoup me déranger
Merci

Configuration: Windows XP
Firefox 3.0.13

Posez votre question Répondre

1

gen-hackman, le 23 aoû 2009 à 17:05:01
  • +2

Ouais salut je te comprends , et je dirais meme plus gavant :)

Desactive ton antivirus le temps de la manip ainsi que ton parefeu si présent

▶ Télécharge List&Kill'em et enregistre-le sur ton bureau

Il ne necessite pas d'installation

▶double clic (clic droit "executer en tant qu'administrateur" pour Vista) pour lancer le scan

choisis la langue puis choisis l'option 1 = Mode Recherche

▶laisse travailler l'outil

le rapport va s'afficher , une fois le scan fini

▶▶▶▶▶▶▶ ATTENTION : Efface ton adresse IP stp !!!!

ici :

[121]: KB973815 - Update
[122]: KB973869 - Update
[123]: XpsEPSC
Carte(s) r‚seau: 4 carte(s) r‚seau install‚e(s).
[01]: Bluetooth PAN Network Adapter
Nom de la connexion : Connexion au r‚seau local 2
tat : Support d‚connect‚
[02]: Intel(R) PRO/1000 CT Network Connection
Nom de la connexion : Connexion au r‚seau local
DHCP activ‚ : Non
Adresse(s) IP
[01] : 192.168.0.11
[03]: VirtualBox Host-Only Ethernet Adapter
Nom de la connexion : VirtualBox Host-Only Network
DHCP activ‚ : Non
Adresse(s) IP
[01] : 192.168.56.1
[04]: VirtualBox Host-Only Ethernet Adapter
Nom de la connexion : VirtualBox Host-Only Network #2
DHCP activ‚ : Non
Adresse(s) IP
[01] : 192.168.217.1

Nom de l'image PID˙ Nom de la sessio Num‚ro d Utilisation
========================= ====== ================ ======== ============
System Idle Process 0 Console 0 16 Ko
System 4 Console 0 244 Ko
smss.exe 916 Console 0 400 Ko
csrss.exe 972 Console 0 4˙456 Ko
winlogon.exe 996 Console 0 3˙536 Ko

▶ colle le contenu dans ta prochaine réponse ♦G3и-н@˘км@и™©®♦

   
Répondre à gen-hackman

9

julie6694, le 29 sep 2009 à 22:05:47

Bonjour desole de te derange mais g un grave probleme avec total security si tu peux maider voila le rapport

List'em by g3n-h@ckm@n 1.0.3.2

updated on 25.09.2009 ::::: 23.54


Microsoft Windows [version 6.0.6000]


29/09/2009 21:53:50,16


Nom de l'h“te: PC-DE-SYLVIA
Nom du systŠme d'exploitation: Microsoftİ Windows VistaT dition Familiale Premium
Version du systŠme: 6.0.6000 N/A version 6000
Fabricant du systŠme d'exploitation: Microsoft Corporation
Configuration du systŠme d'exploitation: Station de travail autonome
Type de version du systŠme d'exploitation: Multiprocessor Free
Propri‚taire enregistr‚: sylvia
Organisation enregistr‚e: Hewlett-Packard
Identificateur de produit: 89578-OEM-7332157-00061
Date d'installation originale: 06/12/2007, 19:12:15
Heure de d‚marrage du systŠme: 29/09/2009, 13:50:34
Fabricant du systŠme: Hewlett-Packard
ModŠle du systŠme: Compaq Presario F700 Notebook PC
Type du systŠme: X86-based PC
Processeur(s): 1 processeur(s) install‚(s).
[01]˙: x64 Family 15 Model 104 Stepping 2 AuthenticAMD ~1600 MHz
Version du BIOS: Hewlett-Packard F.04 , 27/11/2007
R‚pertoire Windows: C:\Windows
R‚pertoire systŠme: C:\Windows\system32
P‚riph‚rique d'amor‡age: \Device\HarddiskVolume1
Option r‚gionale du systŠme: fr;Fran‡ais (France)
ParamŠtres r‚gionaux d'entr‚e: fr;Fran‡ais (France)
Fuseau horaire: (GMT+01:00) Bruxelles, Copenhague, Madrid, Paris
M‚moire physique totale: 1˙982 Mo
M‚moire physique disponible: 852 Mo
Fichier d'‚change˙: taille maximale: 4˙185 Mo
Fichier d'‚change˙: disponible: 2˙654 Mo
Fichier d'‚change˙: en cours d'utilisation: 1˙531 Mo
Emplacements des fichiers d'‚change: C:\pagefile.sys
Domaine: WORKGROUP
Serveur d'ouverture de session: \\PC-DE-SYLVIA
Correctif(s): 130 Corrections install‚es.
[01]: {E2F06614-9C1E-407C-B963-02DC339F7A0A}
[02]: {1D94099C-2BBA-440E-BD5E-093BBDF8F028}
[03]: {5F7F6FFF-395D-480E-8450-64F385D82C5F}
[04]: {63193DF7-81DB-46C9-A908-06B2296AB87F}
[05]: {797AE457-BA17-4BBC-B501-25FB3A0103C7}
[06]: {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
[07]: {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
[08]: {C695B2BC-F337-4FE3-B0EB-A0918CCEC3B6}
[09]: {5F7F6FFF-395D-480E-8450-64F385D82C5F}
[10]: {63193DF7-81DB-46C9-A908-06B2296AB87F}
[11]: {797AE457-BA17-4BBC-B501-25FB3A0103C7}
[12]: {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
[13]: {D7C5B9DC-6E4C-4DEE-9A7B-4183DA4DC1C2}
[14]: KB905866
[15]: KB925255
[16]: KB925528
[17]: KB925902
[18]: KB929399
[19]: KB929550
[20]: KB929577
[21]: KB929615
[22]: KB929735
[23]: KB929761
[24]: KB929762
[25]: KB929763
[26]: KB929777
[27]: KB930163
[28]: KB930178
[29]: KB930857
[30]: KB931099
[31]: KB931174
[32]: KB931573
[33]: KB931621
[34]: KB932030
[35]: KB932471
[36]: KB932818
[37]: KB933579
[38]: KB933729
[39]: KB934237
[40]: KB934374
[41]: KB935652
[42]: KB936003
[43]: KB936021
[44]: KB936357
[45]: KB936479
[46]: KB936782
[47]: KB936825
[48]: KB937077
[49]: KB938127
[50]: KB938660
[51]: KB938952
[52]: KB939159
[53]: KB939165
[54]: KB940199
[55]: KB941202
[56]: KB941229
[57]: KB941568
[58]: KB941569
[59]: KB941600
[60]: KB941644
[61]: KB943055
[62]: KB943078
[63]: KB945553
[64]: KB946026
[65]: KB946456
[66]: KB947172
[67]: KB949939
[68]: KB905866
[69]: KB928089
[70]: KB929123
[71]: KB929427
[72]: KB929916
[73]: KB931213
[74]: KB931671
[75]: KB931768
[76]: KB931836
[77]: KB932246
[78]: KB933360
[79]: KB933566
[80]: KB933928
[81]: KB935280
[82]: KB935807
[83]: KB936824
[84]: KB937143
[85]: KB938123
[86]: KB938194
[87]: KB938371
[88]: KB938464
[89]: KB938979
[90]: KB941649
[91]: KB941651
[92]: KB942615
[93]: KB942624
[94]: KB942763
[95]: KB943302
[96]: KB943411
[97]: KB943899
[98]: KB944533
[99]: KB946041
[100]: KB948590
[101]: KB948881
[102]: KB950124
[103]: KB950125
[104]: KB950582
[105]: KB950762
[106]: KB950974
[107]: KB951066
[108]: KB951072
[109]: KB951376
[110]: KB951698
[111]: KB952287
[112]: KB953155
[113]: KB953733
[114]: KB954154
[115]: KB954211
[116]: KB954366
[117]: KB954459
[118]: KB954708
[119]: KB955020
[120]: KB955069
[121]: KB955519
[122]: KB956390
[123]: KB956391
[124]: KB956841
[125]: KB957095
[126]: KB957097
[127]: KB957321
[128]: KB958644
[129]: KB959108
[130]: KB959130
Carte(s) r‚seau: 2 carte(s) r‚seau install‚e(s).
[01]: NVIDIA nForce Networking Controller
Nom de la connexion˙: Connexion au r‚seau local
DHCP activ‚˙: Oui
Serveur DHCP˙: 172.20.230.15
Adresse(s) IP

[02]: Atheros AR5007 802.11b/g WiFi Adapter
Nom de la connexion˙: Connexion r‚seau sans fil
tat˙: Support d‚connect‚

Nom de l'image PID Nom de la sessio Num‚ro de s Utilisation
========================= ======== ================ =========== ============
System Idle Process 0 Services 0 28 Ko
System 4 Services 0 13˙448 Ko
smss.exe 372 Services 0 552 Ko
csrss.exe 504 Services 0 4˙628 Ko
wininit.exe 556 Services 0 3˙196 Ko
csrss.exe 568 Console 1 9˙676 Ko
services.exe 604 Services 0 6˙208 Ko
lsass.exe 616 Services 0 2˙944 Ko
lsm.exe 624 Services 0 3˙680 Ko
winlogon.exe 716 Console 1 4˙672 Ko
svchost.exe 824 Services 0 6˙160 Ko
svchost.exe 896 Services 0 6˙400 Ko
svchost.exe 928 Services 0 40˙960 Ko
svchost.exe 1056 Services 0 10˙332 Ko
svchost.exe 1100 Services 0 92˙372 Ko
svchost.exe 1124 Services 0 79˙868 Ko
audiodg.exe 1188 Services 0 11˙632 Ko
SLsvc.exe 1228 Services 0 8˙176 Ko
svchost.exe 1268 Services 0 11˙132 Ko
svchost.exe 1432 Services 0 18˙044 Ko
aswUpdSv.exe 1584 Services 0 316 Ko
ashServ.exe 1632 Services 0 24˙024 Ko
spoolsv.exe 1864 Services 0 7˙428 Ko
avguard.exe 1888 Services 0 2˙180 Ko
svchost.exe 1904 Services 0 15˙960 Ko
sched.exe 744 Services 0 1˙040 Ko
svchost.exe 1244 Services 0 4˙168 Ko
RichVideo.exe 1592 Services 0 3˙348 Ko
SeaPort.exe 984 Services 0 9˙624 Ko
svchost.exe 2176 Services 0 5˙532 Ko
svchost.exe 2204 Services 0 2˙084 Ko
SearchIndexer.exe 2228 Services 0 20˙896 Ko
XAudio.exe 2328 Services 0 2˙084 Ko
hpqWmiEx.exe 2360 Services 0 4˙276 Ko
VMCService.exe 2392 Services 0 11˙776 Ko
taskeng.exe 2548 Console 1 4˙092 Ko
dwm.exe 2628 Console 1 67˙724 Ko
taskeng.exe 2664 Console 1 10˙344 Ko
explorer.exe 2700 Console 1 52˙076 Ko
tsc.exe 2728 Console 1 26˙168 Ko
WmiPrvSE.exe 2944 Services 0 11˙020 Ko
rundll32.exe 2968 Console 1 3˙876 Ko
rundll32.exe 2996 Console 1 5˙128 Ko
SynTPStart.exe 3004 Console 1 3˙976 Ko
QPService.exe 3076 Console 1 7˙192 Ko
ashMaiSv.exe 3116 Services 0 1˙232 Ko
QLBCTRL.exe 3136 Console 1 7˙188 Ko
WmiPrvSE.exe 3244 Services 0 5˙036 Ko
MSASCui.exe 3408 Console 1 9˙844 Ko
hpwuSchd2.exe 3472 Console 1 2˙568 Ko
ashWebSv.exe 3528 Services 0 3˙856 Ko
HPWAMain.exe 3536 Console 1 5˙492 Ko
WiFiMsg.exe 3556 Console 1 3˙852 Ko
jusched.exe 3572 Console 1 4˙452 Ko
apdproxy.exe 3640 Console 1 3˙640 Ko
avgnt.exe 3648 Console 1 2˙664 Ko
MobileConnect.exe 3668 Console 1 19˙444 Ko
ashDisp.exe 3736 Console 1 3˙976 Ko
sidebar.exe 3744 Console 1 8˙680 Ko
msnmsgr.exe 3800 Console 1 5˙580 Ko
ehtray.exe 3980 Console 1 1˙660 Ko
SynTPEnh.exe 3996 Console 1 5˙856 Ko
wmpnscfg.exe 2384 Console 1 4˙328 Ko
ehmsas.exe 3100 Console 1 3˙576 Ko
wmpnetwk.exe 1044 Services 0 7˙904 Ko
HpqToaster.exe 3512 Console 1 4˙688 Ko
HPHC_Service.exe 2976 Services 0 7˙448 Ko
ieuser.exe 5004 Console 1 12˙536 Ko
AolTbServer.exe 4456 Console 1 6˙840 Ko
wltuser.exe 2524 Console 1 7˙312 Ko
iexplore.exe 5908 Console 1 82˙796 Ko
iexplore.exe 4316 Console 1 117˙228 Ko
taskeng.exe 5404 Services 0 5˙176 Ko
SearchProtocolHost.exe 4124 Services 0 8˙624 Ko
SearchFilterHost.exe 2588 Services 0 4˙504 Ko
List_Killem.exe 4344 Console 1 6˙392 Ko
conime.exe 5700 Console 1 3˙472 Ko
cmd.exe 4388 Console 1 2˙540 Ko
WmiPrvSE.exe 5356 Services 0 5˙128 Ko
TrustedInstaller.exe 6100 Services 0 23˙984 Ko
tasklist.exe 5680 Console 1 4˙560 Ko

Infections :
==========


¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :

"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat"
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat"
"C:\Program Files\GamesBar"

¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :

HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

¤¤¤¤¤¤¤¤¤¤ C:\Windows\Prefetch :

ACRORD32.EXE-89736734.pf
ADOBEUPDATER.EXE-D873744E.pf
AgAppLaunch.db
AgCx_S1_S-1-5-21-1681742822-2173173852-823250016-1000.snp.db
AgCx_SC1.db
AgCx_SC1.db.trx
AgCx_SC2.db
AgCx_SC3_0F2850F7.db
AgGlFaultHistory.db
AgGlFgAppHistory.db
AgGlGlobalHistory.db
AgGlUAD_P_S-1-5-21-1681742822-2173173852-823250016-1000.db
AgGlUAD_S-1-5-21-1681742822-2173173852-823250016-1000.db
AgRobust.db
AOLTBSERVER.EXE-2F1E4D28.pf
ASHAVAST.EXE-C2026BF7.pf
ASHCHEST.EXE-B7CFB89F.pf
ASHMAISV.EXE-6E148274.pf
ASHSIMPL.EXE-42006B25.pf
ASHWEBSV.EXE-ABC7BAA7.pf
ATBROKER.EXE-FF58B71D.pf
AVADMIN.EXE-E822D667.pf
AVAST.SETUP-11A05BC6.pf
AVAST.SETUP-84A5483F.pf
AVCENTER.EXE-F9302F97.pf
AVCONFIG.EXE-166DF4E0.pf
AVGNT.EXE-E101157F.pf
AVNOTIFY.EXE-3344516F.pf
AVSCAN.EXE-F988127B.pf
AVWSC.EXE-A384DC2B.pf
BCDEDIT.EXE-23D6A12E.pf
BRCLSMSG.EXE-4EFFE401.pf
CCLEANER.EXE-CC440CDB.pf
CCSETUP224.EXE-F939093A.pf
CMD.EXE-89305D47.pf
CODEC.SETUP_194.EXE-A44ADB19.pf
CONIME.EXE-B273009A.pf
CONSENT.EXE-65F6206D.pf
CONTROL.EXE-9459D5A0.pf
CSRSS.EXE-8C04D631.pf
DEFRAG.EXE-738093E8.pf
DFRGNTFS.EXE-4F838A89.pf
DLLHOST.EXE-71214090.pf
DLLHOST.EXE-893DDF55.pf
DLLHOST.EXE-8F3E119D.pf
DLLHOST.EXE-C5C55E89.pf
DLLHOST.EXE-D59299D2.pf
DRVINST.EXE-5F8E77CD.pf
DW20.EXE-F4A4A3C6.pf
DWM.EXE-AEABE78B.pf
DWWIN.EXE-EBDA23D8.pf
EHMSAS.EXE-6BE9D904.pf
EXPLORER.EXE-7A3328DA.pf
FIREWALLCONTROLPANEL.EXE-7F212016.pf
FIREWALLSETTINGS.EXE-59D9DF16.pf
FLASHUTIL10C.EXE-5DFF7861.pf
FREECELL.EXE-5A876790.pf
GETPRESTILE.EXE-BA07CB50.pf
HDWWIZ.EXE-C512B484.pf
HELPPANE.EXE-D1016F9E.pf
HPHC_SERVICE.EXE-B8B935C8.pf
HPQTOASTER.EXE-3B718527.pf
HPWUCLI.EXE-373855A7.pf
IEUSER.EXE-D895AB54.pf
IEXPLORE.EXE-1B894AFB.pf
JUCHECK.EXE-A596E8A2.pf
Layout.ini
LIST_KILLEM.EXE-2015D33F.pf
LOGON.SCR-7C80CA1C.pf
LOGONUI.EXE-1BEE4A84.pf
MAHJONG.EXE-D30A7F64.pf
MMC.EXE-348AF965.pf
MOBSYNC.EXE-D8BC6ED2.pf
MODE.COM-0F3F3F6D.pf
MPAS-FE_BD.EXE-DBA6D8E1.pf
MPCMDRUN.EXE-BB72ED6F.pf
MPSIGSTUB.EXE-89CA03A4.pf
MSASCUI.EXE-6465DB72.pf
MSNMSGR.EXE-DD43BBF4.pf
MSNTBUP.EXE-CB7798E4.pf
NOTEPAD.EXE-EB1B961A.pf
NTOSBOOT-B00DFAAD.pf
OPTIONCONVERTTOMODEM.EXE-B983AA36.pf
PfSvPerfStats.bin
PRESENTATIONFONTCACHE.EXE-42767AE9.pf
PRESENTATIONSETTINGS.EXE-6F4C5E34.pf
PREUPD.EXE-4F99113F.pf
ReadyBoot
REG.EXE-26976709.pf
REGSVR32.EXE-55A4EE79.pf
RUNDLL32.EXE-16B1DF16.pf
RUNDLL32.EXE-2E65B341.pf
RUNDLL32.EXE-34B17D05.pf
RUNDLL32.EXE-41E85287.pf
RUNDLL32.EXE-7ACEEE6A.pf
RUNDLL32.EXE-7BF4CE40.pf
RUNDLL32.EXE-82DA25E7.pf
RUNDLL32.EXE-8E6E3B62.pf
RUNDLL32.EXE-A908CA39.pf
RUNDLL32.EXE-C59AAAAD.pf
RUNDLL32.EXE-F452D79D.pf
SCHED.EXE-98844D43.pf
SEARCHFILTERHOST.EXE-AA7A1FDD.pf
SEARCHPROTOCOLHOST.EXE-AFAD3EF9.pf
SERVICES.EXE-2260497F.pf
SETUP.EXE-7FD554E6.pf
SETUP.EXE-C9C2CA7B.pf
SETUPFRE.EXE-5D60697D.pf
SMSS.EXE-1DCD0EB1.pf
SNDVOL.EXE-783DCB11.pf
SOLITAIRE.EXE-CB7A6274.pf
SVCHOST.EXE-8FD92526.pf
SYNTPENH.EXE-4361DC86.pf
SYSTEMINFO.EXE-F360EB78.pf
TASKENG.EXE-5BAF290C.pf
TASKLIST.EXE-9811F41E.pf
TRUSTEDINSTALLER.EXE-031B6478.pf
TSC.EXE-E7441506.pf
UPDATE.EXE-196C0F6E.pf
USERINIT.EXE-F39AB672.pf
VERCLSID.EXE-4D95F5A7.pf
VSSVC.EXE-04D079CC.pf
WERCON.EXE-FE5CD389.pf
WERMGR.EXE-2A1BCBC7.pf
WININIT.EXE-65FCAECD.pf
WINLOGON.EXE-8163EECC.pf
WLCOMM.EXE-648065CA.pf
WLTUSER.EXE-A6CDB501.pf
WMIADAP.EXE-369DF1CD.pf
WMIPRVSE.EXE-43972D0F.pf
WMPLAYER.EXE-9DE758AE.pf
WMPNETWK.EXE-BD0344CA.pf
WUAUCLT.EXE-830BCC14.pf




¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

   
Répondre à julie6694

2

djmalone, le 24 aoû 2009 à 00:07:55
  • +1

List'em by g3n-h@ckm@n 1.0.2.8

updated on 23.08.2009 ::::: 13.00


Microsoft Windows XP [version 5.1.2600]


23/08/2009 23:14:29,01


Infections :
==========


¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :

"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat"
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat"
"C:\Program Files\SpyHeal"
"C:\program files\WinPCap"
"C:\program files\WinPCap"
"C:\program files\WinPCap"
"C:\program files\WinPCap\rpcapd.exe"
"C:\program files\WinPCap\rpcapd.exe"
"C:\WINDOWS\braviax.exe"
"C:\WINDOWS\jautoexp.dat"
"C:\WINDOWS\System32\1024"
"C:\WINDOWS\system32\braviax.exe"
"C:\WINDOWS\system32\drivers\npf.sys"
C:\WINDOWS\system32\msword98.exe
"C:\WINDOWS\System32\ot.ico"
"C:\WINDOWS\system32\Packet.dll"
"C:\WINDOWS\system32\pthreadVC.dll"
"C:\WINDOWS\System32\RemSvc.exe"
C:\WINDOWS\System32\setb5.tmp
"C:\WINDOWS\system32\WanPacket.dll"
"C:\WINDOWS\system32\wpcap.dll"
"C:\Documents and Settings\djmalone\Application Data\wiaserva.log"
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\WMAudioRedist.exe
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\dotnetfx.exe
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\avonesofttemp.exe
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\ImportDS.exe
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\Install_Messenger.exe
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\nerodeltmp.exe
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\AutoRun.exe
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\eauninstall.exe
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\Need for Speed Underground 2_uninst.exe
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\Install_WLMessenger.exe
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\iMesh_68901828.exe
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\nsfF5D0.tmp.exe
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\wlsetup-cvr.exe
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\LOADER.EXE
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\INSTALL.EXE
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\preconfig.exe
"C:\Documents and Settings\djmalone\LOCAL Settings\Temp\INSTALL.EXE"
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmp37.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmp26.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmp101.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmp1E.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmp28.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmp66C.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmp63BD.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmp8D7.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmpB23.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmpB26.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmpAB8D.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmpAB90.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmpB472.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmpE467.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmpED9F.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmp10C6.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmpE4.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmp60FA.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmpA009.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmp3D25.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmp3D28.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmp4005.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmp38A4.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmp24F.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmp4A.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmpBD0.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmp157C.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmp1577.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmp1941.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmp17B0.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmp727.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmp9C5.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmp1D3.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmp5874.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmp183.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmp186.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\tmpF15.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\TMP3F9.tmp
C:\Documents and Settings\djmalone\LOCAL Settings\Temp\TMP44.tmp

¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :

HKLM\Software\Microsoft\Windows\CurrentVersion\Run "braviax"
HKLM\Software\Microsoft\Windows\CurrentVersion\Run "PromoReg"
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_NPF
HKLM\SYSTEM\ControlSet001\Services\npf
HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_NPF
HKLM\SYSTEM\ControlSet002\Services\npf
HKLM\SYSTEM\ControlSet003\Enum\Root\LEGACY_NPF
HKLM\SYSTEM\ControlSet003\Services\npf
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NPF
HKLM\SYSTEM\CurrentControlSet\Services\npf

¤¤¤¤¤¤¤¤¤¤ C:\WINDOWS\Prefetch :

NTOSBOOT-B00DFAAD.pf
CHKMAIL.EXE-17347DA1.pf
WMIPRVSE.EXE-28F301A9.pf
MSDEV.EXE-0AB299BF.pf
HELPSVC.EXE-2878DDA2.pf
WGATRAY.EXE-0ED38BED.pf
IMAPI.EXE-0BF740A4.pf
USERINIT.EXE-30B18140.pf
FSDC32.EXE-06E791EA.pf
HID2HCI.EXE-13770EEC.pf
LOGONUI.EXE-0AF22957.pf
EXPLORER.EXE-082F38A9.pf
RUNDLL32.EXE-415F88EC.pf
IEXPLORE.EXE-27122324.pf
NWIZ.EXE-2D0F9FBC.pf
SOUNDMAN.EXE-19745A34.pf
ALU.EXE-240DEF0E.pf
SVCHOST.EXE-3530F672.pf
VERCLSID.EXE-3667BD89.pf
NBPROBE.EXE-3217C30F.pf
SYNTPENH.EXE-315D3ABC.pf
HCONTROL.EXE-0199BF7C.pf
CENTER.EXE-013D3A4D.pf
IPCONFIG.EXE-2395F30B.pf
_EX-08.EXE-2630CB5F.pf
12605934.EXE-338DB49E.pf
CTFMON.EXE-0E17969B.pf
GSTART.EXE-0D766716.pf
NET1.EXE-029B9DB4.pf
NET.EXE-01A53C2F.pf
STEAM.EXE-3A35EC78.pf
SYNTPLPR.EXE-28BB9F3B.pf
DUMPREP.EXE-1B46F901.pf
NMBGMONITOR.EXE-241A04E8.pf
MSWORD98.EXE-34BAB255.pf
LGSYNCMANAGER.EXE-21AC3FFC.pf
ATKOSD.EXE-37CE784F.pf
ADVMSG.EXE-03AA211F.pf
NTVDM.EXE-1A10A423.pf
RAPIMGR.EXE-04A8BC13.pf
TASKMGR.EXE-20256C55.pf
FSSW.EXE-35E0E75E.pf
RUNDLL32.EXE-4489B61B.pf
RUNDLL32.EXE-451FC2C0.pf
AUTORUN.EXE-055703AF.pf
KITADSL.EXE-2168035F.pf
PACKSECU.EXE-3B1F7122.pf
9GET.EXE-0F8EB6D9.pf
NMINDEXSTORESVR.EXE-22A7DEEF.pf
LOCATOR.EXE-2C8326B1.pf
BN3D.TMP-3A804011.pf
NS58.TMP-26F57037.pf
BN5B.TMP-0FB0491F.pf
Layout.ini
NS62.TMP-36DD723C.pf
TMP44.TMP-23417160.pf
BN5A.TMP-03B3CA8C.pf
PACK_SECURITE.EXE-31F9CFA3.pf
QKLEZ.EXE-02D38972.pf
FSIHCOMP.EXE-07B97785.pf
IH8RUN.EXE-14D5E208.pf
IH8.EXE-388ECA84.pf
WIL.EXE-2EC92070.pf
SETUPGUIMNGR.EXE-0316CE41.pf
SETUPGUI.EXE-07995274.pf
FSSG.EXE-239391C8.pf
PRECONFIG.EXE-2AB5BB66.pf
SETUP.EXE-085A11CB.pf
FSSETUP.EXE-0FEB2A47.pf
CUSTSETUP.EXE-01592FE9.pf
CUSTINSTALL.EXE-13163A8A.pf
FSGK32ST.EXE-2F92F2FE.pf
LOGON.SCR-151EFAEA.pf
FSGK32.EXE-0A35A7BB.pf
FSSM32.EXE-2CCE1AE7.pf
LICMGR.EXE-097EAD1C.pf
FSAUACH.EXE-1BFD1B78.pf
VIRUSNEWS.EXE-03DED877.pf
GETUSERINFO.EXE-10216174.pf
RUNDLL32.EXE-1218E1AC.pf
JUSCHED.EXE-25206883.pf
PDVDSERV.EXE-20F18CFA.pf
WMPLAYER.EXE-18DDEFA6.pf
TNBUTIL.EXE-2EBF7A09.pf
9WIFI.EXE-231ED265.pf
READER_SL.EXE-3614FA6E.pf
DWWIN.EXE-30875ADC.pf
OSA9.EXE-27CD7DB8.pf
MDM.EXE-07915C2C.pf
BN57.TMP-1B16142C.pf
FSUS.EXE-014EB71F.pf
FSUS.EXE-2C509E03.pf
NOTEPAD.EXE-336351A9.pf
MODE.COM-31685BAE.pf
FSSW.EXE-22B42E56.pf
LIST_KILLEM.EXE-1F9F798A.pf
DEFRAG.EXE-273F131E.pf
DFRGFAT.EXE-03D95883.pf
CMD.EXE-087B4001.pf
REG.EXE-0D2A95F7.pf
WCESCOMM.EXE-062FDF7F.pf
WINLOGON.EXE-32C57D49.pf
FSHDLL32.EXE-17874DBC.pf
SPOOLSV.EXE-282F76A7.pf
ASWL2K.EXE-2057BA89.pf
FSAUA.EXE-0EFD9AE3.pf
WUAUCLT.EXE-399A8E72.pf
SCANWIZARD.EXE-12A0FB6C.pf
FSORSP.EXE-023E9450.pf
WMIAPSRV.EXE-1E2270A5.pf




¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

   
Répondre à djmalone

3

Beuz, le 24 aoû 2009 à 03:02:06

J'aimerais aussi supprimer ce logiciel qui sait installé automatiquement sur mon ordinateur ...

   
Répondre à Beuz

4

gen-hackman, le 24 aoû 2009 à 07:04:43

Salut

Redemarre en mode sans echec

▶ Relance List&Kill'em comme tu as fait pour l'option 1 (soit en clic droit pour vista),

mais cette fois-ci :

▶ choisis l'option 2 = Mode Destruction

laisse travailler l'outil

apres les verifications , un rapport va s'ouvrir.

▶ ferme-le.

un deuxieme rapport va s'ouvrir ,

▶ colle son contenu dans ta reponse ♦G3и-н@˘км@и™©®♦

   
Répondre à gen-hackman

5

kant-25, le 24 aoû 2009 à 10:23:14
  • +1

Salut , même problème depuis ce matin =S

Merci de m'aider SVP. Peut-on directement relancer la machine ou bien doit-on attendre votre diagnostique ?

List'em by g3n-h@ckm@n 1.0.2.8

updated on 23.08.2009 ::::: 13.00


Microsoft Windows XP [version 5.1.2600]


24/08/2009 10:19:17,65


Infections :
==========


¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :

"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat"
"C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat"
"C:\program files\WinPCap"
"C:\WINDOWS\iun6002.exe"
"C:\WINDOWS\System32\drivers\downld"
"C:\WINDOWS\system32\drivers\npf.sys"
"C:\WINDOWS\system32\Packet.dll"
"C:\WINDOWS\system32\prntvpt.dll"
"C:\WINDOWS\system32\pthreadVC.dll"
C:\WINDOWS\System32\SET3C.tmp
C:\WINDOWS\System32\SET3E.tmp
C:\WINDOWS\System32\SET42.tmp
C:\WINDOWS\System32\SET4A.tmp
"C:\WINDOWS\system32\WanPacket.dll"
"C:\WINDOWS\system32\wpcap.dll"
"C:\Documents and Settings\edwige\Application Data\wiaserva.log"
C:\Documents and Settings\edwige\LOCAL Settings\Temp\msgup900_2162_fr_v2.exe
C:\Documents and Settings\edwige\LOCAL Settings\Temp\TMP188.tmp

¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :

HKLM\Software\Microsoft\Windows\CurrentVersion\Run "PromoReg"
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_NPF
HKLM\SYSTEM\ControlSet001\Services\npf
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NPF
HKLM\SYSTEM\CurrentControlSet\Services\npf

¤¤¤¤¤¤¤¤¤¤ C:\WINDOWS\Prefetch :

13623594.EXE-13F8D102.pf
A2FREE.EXE-38E0B55C.pf
ACRORD32.EXE-15A396A1.pf
ALG.EXE-275708CF.pf
ASHMAISV.EXE-072F6A23.pf
ASHWEBSV.EXE-3530B302.pf
AVAST.SETUP-295443AF.pf
AVGAS.EXE-02F47B43.pf
CMD.EXE-034B0549.pf
DEFRAG.EXE-2858C7E2.pf
DFRGNTFS.EXE-38C3807C.pf
ENCARTA.EXE-05606AED.pf
ENCWCSVR.EXE-38736B4A.pf
ESBSI.EXE-287B604C.pf
FIREFOX.EXE-06188867.pf
FROSTWIRE.EXE-14D9F45B.pf
GOOGLETOOLBARNOTIFIER.EXE-0047A1C5.pf
GOOGLEUPDATERSERVICE.EXE-2F4A2F77.pf
HELPSVC.EXE-1C192440.pf
IEXPLORE.EXE-2D97EBE6.pf
IKERNEL.EXE-1DD5E349.pf
IMAPI.EXE-201490BB.pf
INSTALLDRIVER.EXE-173420D2.pf
INTEGRATOR.EXE-11B5E33A.pf
Layout.ini
LIST_KILLEM.EXE-1A6492FF.pf
LOGONUI.EXE-312BE1BF.pf
MODE.COM-318FFE37.pf
MSFEEDSSYNC.EXE-05335A39.pf
MSNMSGR.EXE-0EBDBC56.pf
NET.EXE-151FD66D.pf
NET1.EXE-02C3403D.pf
NOTEPAD.EXE-2F2D61E1.pf
NS18C.TMP-03DE9707.pf
NS18D.TMP-05ADD2CE.pf
NTOSBOOT-B00DFAAD.pf
OFFICELIVESIGNIN.EXE-0768AF43.pf
ONECLICK.EXE-0E6FFCC6.pf
ONECLICKSTARTER.EXE-1B4D3260.pf
PDFUPD.EXE-055523D3.pf
POWERPNT.EXE-2F92D967.pf
REALPLAY.EXE-05411014.pf
REG.EXE-07FA5B3F.pf
REGISTRYCLEANER.EXE-33DC5B02.pf
RUNDLL32.EXE-3CFE3AC0.pf
RUNDLL32.EXE-40C72AED.pf
RUNDLL32.EXE-46D9F648.pf
RUNDLL32.EXE-4C6EF5B9.pf
RUNDLL32.EXE-4E7C67C1.pf
RUNDLL32.EXE-5330E3A1.pf
RUNDLL32.EXE-57C8756E.pf
RUNDLL32.EXE-5F120771.pf
RUNDLL32.EXE-6ABB1C8A.pf
RUNDLL32.EXE-6E8D4657.pf
RUNDLL32.EXE-7242D970.pf
RUNDLL32.EXE-74C7096E.pf
RUNDLL32.EXE-75CF2D1A.pf
RUNDLL32.EXE-75E4D556.pf
RUNDLL32.EXE-75E9BCB5.pf
SETUP.OVR-1ABDA79A.pf
SS3DFO.SCR-185D0794.pf
SVCHOST.EXE-2D5FBD18.pf
TASKMGR.EXE-06144C13.pf
TMP188.TMP-2AE9DE74.pf
TUNEUPDEFRAGSERVICE.EXE-1B9CE779.pf
VERCLSID.EXE-28F52AD2.pf
VLC.EXE-02F29DFD.pf
WLCOMM.EXE-2F4516F1.pf
WMIADAP.EXE-32F99497.pf
WMIPRVSE.EXE-0D449B4F.pf
WMPLAYER.EXE-1ACCF80D.pf
WPV251250826839.EXE-25E71EE9.pf
WPV291251021207.EXE-350CBE8B.pf
WUAUCLT.EXE-1360D60A.pf
_EX-08.EXE-03E44DB3.pf
_EX-68.EXE-220FD799.pf




¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

   
Répondre à kant-25

6

gen-hackman, le 24 aoû 2009 à 10:30:08
  • +1

Kant-25 peux-tu poster sur le forum stp ? faire 2 pc en meme temps est ingérable ♦G3и-н@˘км@и™©®♦

   
Répondre à gen-hackman

7

kant-25, le 24 aoû 2009 à 10:39:26
  • +1

Oui pas de soucis désolé ;)

   
Répondre à kant-25

8

kant-25, le 24 aoû 2009 à 10:43:13
   
Répondre à kant-25

10

 gen-hackman, le 2 oct 2009 à 05:10:26

???????????? ♦G3и-н@˘км@и™©®♦

   
Répondre à gen-hackman
Posez votre question Répondre
Ils ont besoin de votre aide